I would like to know how to set up SharePoint to use user-based permissions, specifically on objects. Currently our SharePoint has a list of customers and a list of projects. Anyone can view documents for any project or customer. We want to change this by creating 3 permission groups.

Admin / Boss (Full access to everything)

Senior Employees (Full access + can share to others)

Regular Employees (Access only to projects they are assigned to)

We aren't SharePoint dev experts and it's hard to know where to start looking. Is this a custom dev job, with some workflow components? Can we do this stuff with just out-of-the-box tools?

I had a quick search on Google and found this, but was unable to implement it on our test server.

SharePoint permissions can be applied to various objects. You can grant permissions at the site level, the library or list level, or the item (document or folder) level. I would not personally recommend providing access at the document level, as it is a nightmare managing permissions in future.

In your case, assigning permissions depends on how your documents are saved for the various customers. If all your documents are saved in one big library, then first I would suggest moving the documents related to each customer into their own library. If you cannot move each customer's documents into their own customer library, I would suggest at least creating a folder for each customer and moving all related documents underneath that folder.

Now create the SharePoint groups 'Admin / Boss' and 'Senior Employees', and a group for each customer. For admins and senior employees provide 'full control' and 'edit' access on the site and 'read' access for all customer SharePoint groups. Now break permission inheritance at the library (or folder), depending on how you saved your customer documents, and remove all permissions except the customer SharePoint group, admin and senior employees. Also update the customer SharePoint group permission to have 'edit' access.
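
The steps in the answer above written as a script; this is an added example, not part of the original answer. It assumes an on-premises farm running SharePoint 2013 or later (where the 'Edit' permission level exists), a site that has its own permissions, and one document library per customer titled with the customer name; the URL, customer names and group names are placeholders.

```powershell
# Assumptions: SharePoint Management Shell on the server; placeholder URL and names.
Add-PSSnapin Microsoft.SharePoint.PowerShell -ErrorAction SilentlyContinue

$siteUrl   = "http://sharepoint.example.local/sites/projects"  # placeholder
$customers = @("Contoso", "Fabrikam")  # constructed: library titles, one per customer

$web = Get-SPWeb $siteUrl

function Get-OrCreateGroup([string]$name) {
    # The SiteGroups indexer throws for a missing name, so look it up by enumeration.
    if (-not ($web.SiteGroups | Where-Object { $_.Name -eq $name })) {
        $web.SiteGroups.Add($name, $web.CurrentUser, $null, "Created by permissions script")
    }
    return $web.SiteGroups[$name]
}

function Grant-Role($securable, $group, [string]$roleName) {
    # Bind one permission level to one group on a site, library or folder item.
    $assignment = New-Object Microsoft.SharePoint.SPRoleAssignment($group)
    $assignment.RoleDefinitionBindings.Add($web.RoleDefinitions[$roleName])
    $securable.RoleAssignments.Add($assignment)
}

try {
    $admins  = Get-OrCreateGroup "Admins"
    $seniors = Get-OrCreateGroup "Senior Employees"
    Grant-Role $web $admins  "Full Control"
    Grant-Role $web $seniors "Edit"

    foreach ($customer in $customers) {
        $group = Get-OrCreateGroup "$customer Team"
        Grant-Role $web $group "Read"

        $library = $web.Lists[$customer]
        if (-not $library.HasUniqueRoleAssignments) {
            $library.BreakRoleInheritance($false)  # $false: do not copy the site's assignments
        }
        Grant-Role $library $admins  "Full Control"
        Grant-Role $library $seniors "Edit"
        Grant-Role $library $group   "Edit"

        # Print the result so the library's access list can be reviewed.
        foreach ($ra in $library.RoleAssignments) {
            $levels = ($ra.RoleDefinitionBindings | ForEach-Object { $_.Name }) -join ", "
            "{0}: {1} -> {2}" -f $library.Title, $ra.Member.Name, $levels
        }
    }
}
finally {
    $web.Dispose()
}
```

Regular employees then get access by being added to the group of each customer they are assigned to. A library that already had unique permissions keeps its earlier assignments, so check the printed list for entries that should be removed.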